In the Claims; 

Please cancel claims 25, 27, and 29. Please amend claims 26, 28, 30-31, and 50. Please 
add new claims 51-69. The claims are as follows: 

1-24. (Canceled) 

25. (Canceled) 

26. (Currently amended) Tlit method of claim 25 A method for recording server authentication 
information, said method comprising: 

p.gtaV>1is1iinfy , hv a first ser/er of a plurality of server s in a federated computing 
envirnnme nt. a trusting relationship between the f irst server and a second server of the plurality 
of servers, wherein said establishiog the trustmg relationship comprises exchanging, by the furst 
server, an electronic certificate of the first server with an electronic certificate of the second 
server in accordance with a Public Key Infrastructure (PKI) method; 

after said establishing the trusting relationship, obta ining bv the first server an 
authenticatioti policy of the second server, wherein an authentication policy for each server of the 
plurality of servers is defined as at least one rule of each server for authenticating users of the 
federated computing environment: and 

after said obtaining the authentication policy of the second server, registering by the first 
server the authentication policy of the second server within the first server. 
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27. (Canceled) 



28. (Currently amended) The method of claim 25 26, wherein the at least one rule includes a 
numb e r of alpl i dbctic cliaidclus of a usci idcntlficaaun (ED), a uumbcr of nm naio chai-actcrs of 
the user ID, a data size for fingerprint authentication, a data size for voice print authentication, or 
a combination[[s]] thereof. 

29. (Canceled) 

30. (Currently amended) The method of claim [[29]] 26, wherein said registering the 
authentication policy of the second server comprises registering the authentication po Ucy of the 
second server in an authentication policv table of t he first server, wherein the authentication 
policy table of the first server comprises an authen tication policv of each server of the plurality of 
servers registered therein, and wherein the authentication policy table of the first server fiirther 
comprises: 

a server address of each server registered therein; and 

a relative priority of each server of a group of servers having a same authentication policy 
in the authentication policy table. 

31. (Currently amended) The method of claim [[29]] 26, wherein said registering the 
authentication policv of the second server comprises registering the authenticati on policy of the 
second server in an authentication policy table of th e first server, wherein the authentication 
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policy table of the first server comprises an authentication policy of each server of the plurality of 
servers registered therein, wherein the authentication policy of the second server is identical to an 
authentication policy of tihe first server, wherein a first common user identifier (ID) exists in an 
authentication information Lightweight Directory Access Protocol (LDAP) of the Burst server and 
in an authentication information LDAP of the second server, wherein the first common user ID is 
used by a first user in the first server and by a second user in the second server such that the 
second user differs from the first user, and wherein the method finfher comprises: 

after said registering the authentication policy of the second server, registering by the first 
server the first common user ED in a exceptional ID table of the first server, wherein the 
exceptional ED table of the first server stores common user IDs and an indication of one or more 
servers associated Mdth each common user ID stored in the exceptional ID table of the first 
server. 

32-49. (Canceled) 

50. (Currently amended) The method of claim 25 26, wherein the at least one rule includes 
consists of four rules, said four rules consisting of a number of alphabetic characters of a user 
identification (ID), a number of numeric characters of the user ID, a data size for fingerprint 
authentication, and a data size for voice print authentication. 

51. (New) The method of claim 26, wherein the method fiirther comprises: 
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receiving, by the first server, an access request from a user to access the federated 
computing environment, wherein the first server comprises an authentication policy table that 
comprises the authentication policy of each server of the plurality of servers registered therein; 

after said receiving the access request, receiving by the first server input authentication 
information from the user; 

obtaining, by the first server, a server address of the second server, wherein the 
authentication policy of the second server matches an authentication policy of the first server; 

transmitting, by the first server to the second server via the server address of the second 
server, the input authentication information; 

after said transmitting the input authentication information to the second server, receiving 
by the first server firom the second server a notification that the second server has successfiiUy 
authorized the user; and 

after said receiving the notification that the second server has successfially authorized the 
user, permitting the user to access the federated computing environment, wherein said permitting 
is performed by tiie first server. 

52. (New) The method of claim 51, wherein after said transmitting the input authentication 
information to the second server and before said permitting Ihe user to access the federated 
computing environment, the method further comprises: 

receiving by the first server from the second server a token that may be used by the user 
to access the federated computing environment; and 

sending, by the first server, the token to the user. 

S/N: 10/598,875 5 



53. (New) The method of claim 52, wherein the token is a credential and a cookie. 
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54. (New) A system, comprising: 

a first server, said first server being comprised by a plurality of servers in a federated 

computing environment; and 

a computer readable storage medium comprising program code stored therein, said 

program code configured to be executed by the first server to perform a method for recording 

server authentication information, said meliiod comprising: 

establishing, by the first server, a trusting relationship between the fiarst server and 
a second server comprised by the plurality of servers, wherein said establishing the 
trusting relationship comprises exchanging, by the first server, an electronic certificate of 
the first server v^th an electronic certificate of the second server m accordance with a 
Public Key hifrastructure (PKI) method; 

after said estabUshing the trusting relationship, obtaining by the first server an 
authentication policy of the second server, wherein an authentication policy for each 
server of the plurality of servers is defmed as at least one rule of each server for 
authenticating users of the federated computing environment; and 

after said obtaining the authentication policy of the second server, registering by 
the first server the authentication policy of the second server within the first server. 

55. (New) The system of claim 54, wherein the at least one rule includes a data size for 
fmgerprint authentication, a data size for voice print authentication, or a combination thereof 
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56. (New) The system of claim 54, wherein said registering the authentication poUcy of the 
second server comprises registering the authentication policy of the second server in an 
authentication policy table of tiie first server, wherein the authentication policy table of the first 
server comprises an authentication policy of each server of the plurality of servers registered 
tiierein, wherein the authentication policy table of the first server ftirther comprises: 

a server address of each server registered therein; and 

a relative priority of each server of a group of servers having a same authentication policy 
in tiie authentication policy table. 

57. (New) The system of claim 54, wherein said registering the authentication policy of the 
second server comprises registering the authentication policy of the second server in an 
authentication policy table of the first server, wherein the authentication policy table of the first 
server comprises an authentication policy of each server of the plurality of servers registered 
therein, wherein the authentication policy of the second server is identical to an authentication 
policy of the furst server, wherein a first common user identifier (ID) exists in an authentication 
information Lightweight Directory Access Protocol (LDAP) of the furst server and in an 
authentication information LDAP of the second server, wherein the first common user ID is used 
by a first user in the first server and by a second user in the second server such that the second 
user differs fi-om the furst user, and wherein the method further comprises: 

after said registering the authentication policy of the second server, registering by the first 
server the fnst common user ED in a exceptional ID table of the first server, wherein the 
exceptional ID table of the furst server stores common user IDs and an indication of one or more 
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servers associated with each common user ID stored in the exceptional ID table of the first 
server. 

58. (New) The system of claim 54, wherein the at least one rule consists of four rules, said four 
rules consisting of a number of alphabetic characters of a user identification (ID), a number of 
numeric characters of the user ID, a data size for fingerprint authentication, and a data size for 
voice print authentication. 

59. (New) The system of claim 54, wherein the method further comprises: 

receiving, by the first server, an access request firom a user to access the federated 
computing environment, wherein the first server comprises an authentication policy table that 
comprises the authentication policy of each server of the plurality of servers registered therein; 

after said receiving the access request, receiving by the first server input authentication 
information irom the user; 

obtaining, by the first server, a server address of the second server, wherein the 
authentication policy of the second server matches an authentication policy of the first server; 

transmitting, by the first server to the second server via the server address of the second 
server, the input authentication information; 

after said transmitting the input authentication information to the second server, receiving 
by the first server ftom the second server a notification that the second server has successfully 
authorized the user; and 
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after said receiving the notification ttiat the second server has successftilly authorized the 
user, permitting the user to access the federated computing environment, wherein said permitting 
is performed by the first server. 

60. (New) The system of claim 59, wherein after said transmitting the input authentication 
information to the second server and before said permitting the user to access the federated 
computing environment, the method further comprises: 

receiving by the first server from the second server a token that may be used by the user 
to access the federated computing environment; and 

sending, by the furst server, the token to the user. 

61. (New) The system of claim 60, wherein the token is a credential and a cookie. 
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62. (New) A computer program product comprising: 

a computer readable storage medium, said computer readable storage medium comprising 
program code stored therein, said program code configured to be executed by a first server to 
perform a method for recording server authentication information, said first server being 
comprised by a plurality of servers in a federated computing environment, said method 
comprising: 

establishing, by the first server, a trusting relationship between the first server and 
a second server comprised by the plurality of servers, wherein said establishing the 
trusting relationship comprises exchanging, by the first server, an electronic certificate of 
the fu-st server with an electronic certificate of the second server ia accordance with a 
Public Key Infirastructure (PKI) method; 

after said establishing the trustiug relationship, obtaining by the first server an 
authentication policy of the second server, wherein an authentication policy for each 
server of the plurality of servers is defined as at least one rule of each server for 
authenticating users of the federated computing environment; and 

after said obtaming the authentication policy of the second server, registering by 
the first server the authentication policy of the second server within the first server. 

63. (New) The computer program product of claim 62, wherein the at least one rule includes a 
data size for fingerprint authentication, a data size for voice print authentication, or a 
combination thereof 
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64. (New) The computer program product of claim 62, wherein said registering the 
authentication policy of the second server comprises registering the authentication policy of the 
second server in an authentication policy table of the first server, wherein the autiientication 
policy table of tiie first server comprises an authentication policy of each server of the pliarality of 
servers registered therein, wherein the authentication policy table of the first server further 
comprises: 

a server address of each server registered therein; and 

a relative priority of each server of a group of servers having a same authentication policy 
in the authentication policy table. 

65. (New) The computer program product of claim , whereui said registering the authentication 
policy of the second server comprises registering the authentication policy of the second server in 
an authentication policy table of the first server, wherein the authentication policy table of the 
first server comprises an authentication policy of each server of the plurality of servers registered 
therein, wherein the authentication policy of the second server is identical to an authentication 
poUcy of the first server, wherein a first common user identifier (ED) exists in an authentication 
information Lightweight Directory Access Protocol (LDAP) of the first server and in an 
authentication mformation LDAP of the second server, wherein the first common user ID is used 
by a first user in the fnst server and by a second user in the second server such that the second 
user differs fi:om the first user, and wherein the method fijrther comprises: 

after said registering the authentication policy of the second server, registering by the first 
server the first common user ID in a exceptional ID table of the first server, wherem the 
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exceptional ID table of the first server stores common user IDs and an indication of one or more 
servers associated with each common user ID stored in the exceptional ID table of the &st 
server. 

66. (New) The computer program product of claim 62, wherein the at least one rale consists of 
four rules, said four rules consisting of a number of alphabetic characters of a user identification 
(ID), a number of numeric characters of the user ID, a data size for jHngerprint authentication, and 
a data size for voice print authentication. 

67. (New) The computer program product of claim 62, wherein the method fiirther comprises: 

receiving, by the first server, an access request from a user to access the federated 
computing environment, wherein the first server comprises an authentication policy table that 
comprises the authentication policy of each server of the plurality of servers registered therein; 

after said receiving the access request, receiving by the first server input authentication 
information from the user; 

obtaining, by the first server, a server address of the second server, wherein the 
authentication policy of the second server matches an authentication policy of the first server; 

transmittmg, by the first server to the second server via the server address of the second 
server, the input authentication information; 

after said transmitting the input authentication information to the second server, receiving 
by the first server from the second server a notification that the second server has successfully 
authorized the user; and 
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after said receiving the notification that the second server has successfiiUy authorized the 
user, permitting the user to access the federated computing enviromnent, wherein said permitting 
is performed by the jSrst server. 

68. (New) The computer program product of claim 67, wherein after said transmitting the input 
authentication information to the second server and before said permitting the user to access the 
federated computing enviromnent, the method further comprises: 

receiving by the first server firom the second server a token that may be used by the user 
to access the federated computing environment; and 

sending, by the first server, the token to the user. 

69. (New) The computer program product of claim 68, wherein the token is a credential and a 
cookie. 
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